<?php
session_start();
include "config.php";

if( isLogged() ){
    header('Location:index.php');
}

if(isset($_POST['log'])){
    $username = $_POST['log'];
    $password = $_POST['pwd'];
    
    // check
    $q = "
        SELECT 
            `id`
        FROM `caramel_managerial`.`user_account`
        WHERE
            `username`='$username'
            AND `password`='$password'";
            
    $id = $db->get_var($q);
    
    if( count($id) != null ){
        // get role
        $q = "SELECT
                role, 
                subbagian
              FROM 
                `caramel_managerial`.`user_role`
              WHERE
                `account_id`='$id'";
                
        $roles = $db->get_results($q, ARRAY_A);
        if( count($roles) > 0 ){
            $role = array();
            
            foreach($roles as $r){
                $role[$r['subbagian']]=$r['role'];
            }
            
            $_SESSION['role'] = $role;
            header('location:index.php');
        }
        else{
            die('Database error, contact your administrator');
        }
    }
    else{
        echo '<script>alert("Username/password salah");</script>';
    }    
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html dir="ltr" xmlns="http://www.w3.org/1999/xhtml" lang="en-US"><head>
<title>Log In</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="include/css/login.css" type="text/css" media="all">
<link rel="stylesheet" href="include/css//colors-fresh.css" type="text/css" media="all">
</head>
<body class="login">

<div id="login">
<h1><a href="#">WEB-GIS</a></h1>
<form name="loginform" id="loginform" action="login.php" method="post">
	<p>
		<label>Username<br>
		<input name="log" id="user_login" class="input" value="" size="20" tabindex="10" type="text"></label>
	</p>
	<p>
		<label>Password<br>
		<input name="pwd" id="user_pass" class="input" value="" size="20" tabindex="20" type="password"></label>
	</p>
	<p class="submit">
		<input name="wp-submit" id="wp-submit" value="Log In" tabindex="100" type="submit">
	</p>
</form>

</div>
<script type="text/javascript">
try{document.getElementById('user_login').focus();}catch(e){}
</script>
</body>
</html>